Promote this Nomination

Additional Info

Company (that provides the nominated product / solution / service)Xmirror Security
Websitehttps://www.xmirror.cn/
Company size (employees)100 to 499
Type of solutionSoftware

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

1. Support for various languages, supported by vast knowledge base
• Support for software component analysis of multiple mainstream programming languages including but not limited to Java, JavaScript, PHP.
• Supported by a mass of real-time component database, vulnerability database, license database, feature database in cloud platform.
2. Component dependency parsing and Visualized SBOM analysis
• Parsing of components’ direct dependency and indirect dependency.
• Analyze component security vulnerabilities, and position the affected area quickly and repair it in time.
• Visualized SBOM (Software Bill of Material) helps to sort out internal software assets quickly.
3. License compliance analysis and intellectual property security protection
• Support for mainstream licenses detection.
• Analyze the compliance and compatibility risks of open-source licenses.

Brief Overview

OpenSCA is the open-sourced version of Xcheck OSS (Open-Source Security Platform) under Xmirror Security. It succeeded the core capabilities of Xcheck OSS’s SCA open-source application security defect detection. Through software component analysis, dependency analysis, feature analysis, reference identification, compliance analysis, etc., OpenSCA can deeply explore various security vulnerabilities and open-source protocol risks hidden in components, and discover known security vulnerabilities in advance to reduce the risk of users facing of security attacks in the software supply chain.